Merge branch 'master' into feature/restricted-users

routers/api/v1/repo/issue_tracked_time.go

@@ -12,6 +12,7 @@ import (
 
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/convert"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/routers/api/v1/utils"
 )
@@ -93,7 +94,7 @@ func ListTrackedTimes(ctx *context.APIContext) {
 		ctx.Error(http.StatusInternalServerError, "LoadAttributes", err)
 		return
 	}
-	ctx.JSON(http.StatusOK, trackedTimes.APIFormat())
+	ctx.JSON(http.StatusOK, convert.ToTrackedTimeList(trackedTimes))
 }
 
 // AddTime add time manual to the given issue
@@ -178,7 +179,7 @@ func AddTime(ctx *context.APIContext, form api.AddTimeOption) {
 		ctx.Error(http.StatusInternalServerError, "LoadAttributes", err)
 		return
 	}
-	ctx.JSON(http.StatusOK, trackedTime.APIFormat())
+	ctx.JSON(http.StatusOK, convert.ToTrackedTime(trackedTime))
 }
 
 // ResetIssueTime reset time manual to the given issue
@@ -399,7 +400,7 @@ func ListTrackedTimesByUser(ctx *context.APIContext) {
 		ctx.Error(http.StatusInternalServerError, "LoadAttributes", err)
 		return
 	}
-	ctx.JSON(http.StatusOK, trackedTimes.APIFormat())
+	ctx.JSON(http.StatusOK, convert.ToTrackedTimeList(trackedTimes))
 }
 
 // ListTrackedTimesByRepository lists all tracked times of the repository
@@ -486,7 +487,7 @@ func ListTrackedTimesByRepository(ctx *context.APIContext) {
 		ctx.Error(http.StatusInternalServerError, "LoadAttributes", err)
 		return
 	}
-	ctx.JSON(http.StatusOK, trackedTimes.APIFormat())
+	ctx.JSON(http.StatusOK, convert.ToTrackedTimeList(trackedTimes))
 }
 
 // ListMyTrackedTimes lists all tracked times of the current user
@@ -530,5 +531,5 @@ func ListMyTrackedTimes(ctx *context.APIContext) {
 		return
 	}
 
-	ctx.JSON(http.StatusOK, trackedTimes.APIFormat())
+	ctx.JSON(http.StatusOK, convert.ToTrackedTimeList(trackedTimes))
 }

routers/api/v1/repo/pull.go

@@ -600,20 +600,43 @@ func MergePullRequest(ctx *context.APIContext, form auth.MergePullRequestForm) {
 		return
 	}
 
+	perm, err := models.GetUserRepoPermission(ctx.Repo.Repository, ctx.User)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
+		return
+	}
+
+	allowedMerge, err := pull_service.IsUserAllowedToMerge(pr, perm, ctx.User)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "IsUSerAllowedToMerge", err)
+		return
+	}
+	if !allowedMerge {
+		ctx.Error(http.StatusMethodNotAllowed, "Merge", "User not allowed to merge PR")
+		return
+	}
+
 	if !pr.CanAutoMerge() || pr.HasMerged || pr.IsWorkInProgress() {
 		ctx.Status(http.StatusMethodNotAllowed)
 		return
 	}
 
-	isPass, err := pull_service.IsPullCommitStatusPass(pr)
-	if err != nil {
-		ctx.Error(http.StatusInternalServerError, "IsPullCommitStatusPass", err)
-		return
-	}
-
-	if !isPass && !ctx.IsUserRepoAdmin() {
-		ctx.Status(http.StatusMethodNotAllowed)
-		return
+	if err := pull_service.CheckPRReadyToMerge(pr); err != nil {
+		if !models.IsErrNotAllowedToMerge(err) {
+			ctx.Error(http.StatusInternalServerError, "CheckPRReadyToMerge", err)
+			return
+		}
+		if form.ForceMerge != nil && *form.ForceMerge {
+			if isRepoAdmin, err := models.IsUserRepoAdmin(pr.BaseRepo, ctx.User); err != nil {
+				ctx.Error(http.StatusInternalServerError, "IsUserRepoAdmin", err)
+				return
+			} else if !isRepoAdmin {
+				ctx.Error(http.StatusMethodNotAllowed, "Merge", "Only repository admin can merge if not all checks are ok (force merge)")
+			}
+		} else {
+			ctx.Error(http.StatusMethodNotAllowed, "PR is not ready to be merged", err)
+			return
+		}
 	}
 
 	if len(form.Do) == 0 {

routers/api/v1/repo/repo.go

@@ -318,7 +318,6 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) {
 	// swagger:operation POST /orgs/{org}/repos organization createOrgRepo
 	// ---
 	// summary: Create a repository in an organization
-	// deprecated: true
 	// consumes:
 	// - application/json
 	// produces: